mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-04-30 02:58:38 +02:00
55 lines
1.7 KiB
YAML
55 lines
1.7 KiB
YAML
---
|
|
- name: "Remove Nginx configuration for deprecated domains"
|
|
ansible.builtin.command:
|
|
cmd: >-
|
|
rm -fv /etc/nginx/conf.d/http/servers/*.{{ item }}.conf;
|
|
rm -fv /etc/nginx/conf.d/http/servers/{{ item }}.conf
|
|
loop: "{{ deprecated_domains }}"
|
|
loop_control:
|
|
label: "{{ item }}"
|
|
notify: restart nginx
|
|
when:
|
|
- mode_cleanup | bool
|
|
- run_once_nginx_domains_cleanup is not defined
|
|
|
|
# The revoking just works for the base domain
|
|
- name: "Revoke Certbot certificate for {{ item }}"
|
|
ansible.builtin.command:
|
|
cmd: "certbot revoke -n --cert-name {{ item }}"
|
|
become: true
|
|
loop: "{{ deprecated_domains }}"
|
|
loop_control:
|
|
label: "{{ item }}"
|
|
when:
|
|
- mode_cleanup | bool
|
|
- run_once_nginx_domains_cleanup is not defined
|
|
register: certbot_revoke_result
|
|
failed_when: >
|
|
certbot_revoke_result.rc != 0 and
|
|
'No certificate found with name' not in certbot_revoke_result.stderr
|
|
changed_when: >
|
|
certbot_revoke_result.rc == 0
|
|
|
|
# The deleting just works for the base domain
|
|
- name: "Delete Certbot certificate for {{ item }}"
|
|
ansible.builtin.command:
|
|
cmd: "certbot delete -n --cert-name {{ item }}"
|
|
become: true
|
|
loop: "{{ deprecated_domains }}"
|
|
loop_control:
|
|
label: "{{ item }}"
|
|
when:
|
|
- mode_cleanup | bool
|
|
- run_once_nginx_domains_cleanup is not defined
|
|
register: certbot_delete_result
|
|
failed_when: >
|
|
certbot_delete_result.rc != 0 and
|
|
'No certificate found with name' not in certbot_delete_result.stderr
|
|
changed_when: >
|
|
certbot_delete_result.rc == 0
|
|
|
|
- name: run the nginx_domains_cleanup role once
|
|
set_fact:
|
|
run_once_nginx_domains_cleanup: true
|
|
when: run_once_nginx_domains_cleanup is not defined
|